The audits, performed by the Army Web Risk Assessment Cell
between January 2006 and January 2007, found at least 1,813 violations
of operational security policy on 878 official military websites. In
contrast, the 10-man, Manassas, Virginia, unit discovered 28 breaches,
at most, on 594 individual blogs during the same period.

"It's clear that official Army websites are the real security
problem, not blogs," said EFF staff attorney Marcia Hofmann. "Bloggers,
on the whole, have been very careful and conscientious. It's a pretty
major disparity." The findings stand in stark contrast to Army statements about the risks that blogs pose.

Link to blog post, and here is the related report in Wired News: Link.